PRIVACY POLICY

 

Last updated: 14 June 2022

General information and mandatory information

Responsible body for the data processing on this website:

Medigo GmbH (www.medigo.com) | Torstraße 124 | 10119 Berlin
Managing Directors: Aurélien Guèye
The responsible person(s) decides alone or jointly with others on the purposes and means of processing personal data (e.g. names, contact details, etc.).

 

MEDIGO GmbH SERVICES

Medigo GmbH (hereinafter “Medigo”) is solely responsible for controlling the data and processing the information obtained via the platform or other communication between the user, hospital, clinic, or third party and a member of the Medigo customer service team (“Care Team”).

Medigo may use the services of third parties, service providers, and affiliated companies to conduct business operations and to process data provided by users and may pass on the data for these purposes. Medigo remains responsible for the information collected and shared under this Privacy Policy, except in cases where Medigo cannot be held responsible for a breach of this Privacy Policy.

The user can use individual services (“special services”) of Medigo. For this purpose, it is necessary that the user consents to the collection, processing, and use of his/her personal data and, if applicable, also of special personal data. This applies in particular to the special services listed below:

1. If the user is the policyholder of an insurance partner of Medigo (“insurer”), the user authorizes the medical service provider, the third-party provider, and the insurer to inform Medigo of the specific personal data relating to the medical treatment of the user as well as the amount and date of the invoice transmitted by the service provider to the user or to the insurer.

2. Forums will be set up on the platform or on the websites of associated companies to enable the exchange of experiences and opinions between users.

3. Medigo uses the personal data for its own advertising purposes and sends the user information about Medigo, new products and services, medical service providers, etc., by email, phone call, SMS, or post.

PURPOSE OF USE AND LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA

We process personal data required for the establishment, implementation, or processing of our range of services on the legal basis of Art. 6, Para. 1, lit. b or f, DSGVO. If you have given us your consent to process personal data for specific purposes, we will process it on the basis of your consent pursuant to Art. 6, Para. 1, lit. a, DSGVO.

If we use external services in the context of order data processing, the processing is carried out on the legal basis of Art. 28, DSGVO.

Personal data is collected, processed, and used by us exclusively for the following purposes:

Purpose of data processing Legal basis for data processing
for contact and related correspondence on the basis of your consent
to ensure that our website is presented to you in the most effective and interesting way possible (e.g. through anonymous evaluation) on the basis of legitimate interests
for the technical realisation of our offers on the basis of legitimate interests

CONSENT OF THE USER

1. The user agrees that Medigo collects, stores, and uses the personal data and special personal data for the following purposes:

(a) To provide the data to the medical service provider designated by the user (clinics, hospitals, dentists, or specialists established in the EEA or in other countries) or, if no medical service provider has been designated, to up to three medical service providers selected by Medigo according to fixed criteria (state of health, preferred country, language of the medical service provider and the user, reaction of the medical service provider in previous cases, and “best price” for the procedure requested by the user) in order either to request an offer or to book a service from the medical service provider,
(b) Passing on this data to third parties, partners, and affiliated companies within and outside the European Economic Area (EEA) who provide customer service, advertising, or payment services on behalf of Medigo in accordance with Medigo’s instructions and in compliance with the data protection declaration and corresponding confidentiality and security measures of Medigo,
(c) For any service for which the user has registered on this website,
and
(d) For internal price calculation and offer examination, in each case to the extent necessary for this purpose.

2. The user agrees that Medigo may review, search, and analyse communication via the platform or by e-mail between the user and Medigo’s medical service partners for purposes of fraud prevention, risk assessment, compliance, investigation, product development, research, and customer care. Medigo uses automated methods to check, search, and analyse user communications. For individual investigations into suspected fraud, customer support, or to evaluate and improve the functionality of automated tools, individual communications may need to be manually reviewed.

3. The user has the right to object to such collection, processing, and use of personal data and special personal data at any time and with effect for the future (see section “Revocation of your consent to data processing”). However, Medigo will then no longer be able to provide the user with the services that require the processing of personal data or specific personal data.

COLLECTED AND PROCESSED PERSONAL DATA

We collect and process your personal data only if you provide them voluntarily and with your consent, e.g., by filling out our forms (free offer) or by sending emails. Within the framework of the available forms or messages, this is primarily the following data:

Data of interested parties for services:

  • first name
  • surname
  • email address
  • telephone number
  • the agreement to the data protection declaration
  • the consent

The collection and storage of special personal data (such as information on medical status, health, sex life, habits, and religion) is carried out for the conclusion of a corresponding agreement, for the opening of a customer account, or for establishing contact with Medigo or a medical service partner of Medigo.

Medigo’s medical service providers are essentially clinics, hospitals, dentists or established specialists in the EEA or in other countries.

These data will be used exclusively for the aforementioned purposes, unless the user expressly permits Medigo to use them for other purposes. In this case, the data will be used only to the extent necessary for the respective purpose, e.g., conclusion, execution, and performance of the contract.

These data will be used exclusively for the aforementioned purposes, unless the user expressly permits Medigo to use them for other purposes. In this case, the data will be used only to the extent necessary for the respective purpose, e.g., conclusion, execution, and performance of the contract.

Personal data and its contents provided by you remain exclusively with us and our affiliated companies. We will only store and process your data for the purposes stated. Any use beyond the stated purpose requires your express consent.
The data processing by our partners is subject to their data protection regulations.

The personal data will be deleted immediately in case of revocation of your consent or if the purpose of data use no longer exists.

DISCLOSURE OF PERSONAL DATA

Medigo uses a variety of third-party providers and affiliated companies to offer services via the platform. These third parties and affiliates may originate in the European Economic Area (“EEA”) or in other countries. The third-party providers and affiliates may assist Medigo with the following:

a) the verification or confirmation of the user’s identification;
b) the comparison of information with public databases;
c) background checks, fraud prevention, and risk assessments; or
d) the provision of after-sales services, advertising, or payment services.

Since the disclosure of personal data and special personal data to third parties is not permitted under the above provisions, personal data and special personal data shall be disclosed to third parties only in the following cases:

  1. We pass on personal data and special personal data to our partners and affiliated companies (within the meaning of § 15 ff. AktG) in order to enable a service that Medigo cannot provide itself (e.g. a payment service). This is done according to Medigo’s instructions and in compliance with Medigo’s data protection declaration and corresponding confidentiality and security measures.
  2. To the extent required and permitted by law, we will disclose personal data and specific personal data to companies, organisations, or individuals outside Medigo if we believe the disclosure is necessary to enforce the applicable terms of use (including to investigate possible violations), to resolve security or technical problems, or to protect the rights of Medigo.

If Medigo goes through or is involved in a merger, acquisition, restructuring, sale of assets, bankruptcy, or insolvency, Medigo may sell, transfer, or share some or all of its assets, including user information. In this case, Medigo will inform the user prior to the transfer of personal data and specific personal data. The data will then be subject to a different privacy policy.

REVOCATION OF YOUR CONSENT TO DATA PROCESSING

Some data processing operations are only possible with your express consent. A revocation of your already given consent is possible at any time. To revoke your consent, send an informal email to dataprotection@medigo.com. Enter your name, address and (if applicable) user name. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

RIGHT TO APPEAL TO THE COMPETENT SUPERVISORY AUTHORITY

In the event of a breach of data protection law, you as the party concerned, have the right to lodge a complaint with the competent supervisory authority. The competent supervisory authority with regard to data protection issues is the data protection officer of the federal state in which our company has its registered office. The following link provides a list of data protection officers and their contact details: Bundesbeauftragte für den Datenschutz und die Informationsfreiheit

RIGHT TO DATA TRANSFERABILITY

You have the right to have data which we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to third parties. The information is provided in a machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done as far as it is technically feasible.

RIGHT TO INFORMATION, CORRECTION, BLOCKING, DELETION

You have the right to free information about your stored personal data, the origin of the data, its recipients, the purpose of the data processing and, if applicable, the right to correction, blocking, or deletion of this data at any time within the framework of the applicable statutory provisions. In this regard and also for further questions on the subject of personal data, you can contact us at any time via the contact options listed in the imprint.

SSL OR TLS ENCRYPTION

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. This means that the data you transmit via this website cannot be read by third parties. You can recognise an encrypted connection by the “https://” address line of your browser and by the lock symbol in the browser line.

DATA PROTECTION OFFICER

We have an appointed data protection officer:

Philipp Herold (mein-datenschutzbeauftragter.de)
Hafenstraße 1a
23568 Lübeck

Phone: 0451-16085223
E-mail: philipp.herold@hub24.de or dataprotection@medigo.com

SERVER LOG FILES

In server log files, the provider of the website automatically collects and stores information that your browser automatically transmits to us. These are:

  • Visited page on our domain
  • Date and time of the server request
  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • IP address

These data are not merged with other data sources. The data processing is based on Art. 6, para. 1, lit. b, DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

COOKIES

Medigo collects and stores anonymous data for optimisation and marketing purposes, e.g., data on anonymous user profiles and user behaviour. Flash cookies may also be used for this purpose. Cookies and flash cookies are alphanumeric identification codes that Medigo stores on the user’s hard drive via the user’s web browser or other programs. If the user does not wish cookies to be stored, he can deactivate them in accordance with the manufacturer’s instructions for the browser in question.

1. Cookies do not have to be accepted in order to access the Medigo website. However, if the user wishes to mark a clinic as a favourite or wishes to receive a reminder of the clinics visited, he/she must set the browser to accept cookies.

2. Cookies and flash cookies are small files that are stored on the user’s hard drive and store the preferred settings and other data that the Medigo computer system requires for interaction with the browser. There are two types of cookies: session cookies, which are deleted when the user exits the browser, and temporary cookies, which are stored by the user’s browser for an extended period of time. Cookies help Medigo to adapt the platform to the user and to reflect preferences and usage habits. They also allow Medigo to store information entered so that the user does not have to re-enter it the next time he/she visits.

3. Most of the cookies used by Medigo are session cookies that are automatically deleted at the end of a browser session. Medigo also uses cookies that remain on the user’s computer after closing the browser. With these cookies, the Medigo system can recognise whether the user has already visited the platform and can call up the settings and clinics preferred by the user. These temporary cookies remain on the computer for about a month and are then automatically deleted. Medigo collects and analyses data via such cookies in order to develop strategies for improving the platform. This is to simplify the use of the Medigo website.

4. Medigo cookies are not used to store personal data. Our cookies are not designed to identify an individual user. If a cookie is activated, it is given an ID number which is used for internal purposes and is not suitable for identifying the user or for accessing personal data such as names or IP addresses. The anonymous data from the cookies allow an assessment of which pages of the Medigo website are most frequently visited and which procedures and clinics are most popular.

5. The Medigo website collects data that can be useful for the creation of advertisements and online offers for the user. This data is not used to identify you as a user, it is only used to optimise the platform. The data collected by these cookies are not stored together with the user’s personal data, they are only used to send the user advertising or messages about offers and services via click-stream analyses, which are tailored to his/her individual needs.

6. Medigo uses retargeting techniques to tailor the online offering to the user. Retargeting technology allows Medigo to advertise recently accessed and similar clinics on partner websites, including those of other companies that may be relevant to the user. This data is anonymous, no personal data is stored and no user profiles are created.

The aforementioned wording was provided by www.mein-datenschutzbeauftragter.de

CHANGES TO THE DATA PROTECTION DECLARATION

Medigo reserves the right to change this Privacy Policy at any time in accordance with its terms. Medigo will post any changes to the Privacy Policy on this website. In addition, users will be notified by email of any significant changes.